Apa yang Akan Kita Bangun?
Kita akan membuat sebuah RESTful API CRUD sederhana menggunakan Laravel 12. Untuk autentikasi, kita akan pakai Laravel Sanctum, yang cocok banget buat proyek ringan seperti backend untuk aplikasi mobile atau frontend berbasis Vue/React.
Yang akan kita pelajari:
- Install Laravel dan setup proyek
- Install Sanctum untuk autentikasi
- Buat model & migrasi data
- Setup register, login, dan logout API
- Buat API CRUD untuk data
Post
1. Buat Proyek Laravel Baru
Pastikan kamu sudah install PHP >= 8.2 dan Composer.
composer create-project laravel/laravel laravel-apiMasuk ke folder proyek:
cd laravel-api2. Install Sanctum
composer require laravel/sanctumPublish config dan migration Sanctum:
php artisan vendor:publish --provider="Laravel\\Sanctum\\SanctumServiceProvider"Lalu migrate database-nya:
php artisan migrate3. Konfigurasi Middleware Sanctum
Edit file app/Http/Kernel.php, bagian 'api':
'api' => [
\\Laravel\\Sanctum\\Http\\Middleware\\EnsureFrontendRequestsAreStateful::class,
'throttle:api',
\\Illuminate\\Routing\\Middleware\\SubstituteBindings::class,
],4. Setup Model User untuk Token
Di file app/Models/User.php, tambahkan trait:
use Laravel\\Sanctum\\HasApiTokens;
class User extends Authenticatable
{
use HasApiTokens, HasFactory, Notifiable;
...
}5. Buat API untuk Register dan Login
Kita akan buat AuthController:
php artisan make:controller API/AuthControllerIsi file app/Http/Controllers/API/AuthController.php:
use App\\Models\\User;
use Illuminate\\Support\\Facades\\Hash;
use Illuminate\\Http\\Request;
class AuthController extends Controller
{
public function register(Request $request)
{
$data = $request->validate([
'name' => 'required',
'email' => 'required|email|unique:users',
'password' => 'required|min:6'
]);
$user = User::create([
'name' => $data['name'],
'email' => $data['email'],
'password' => Hash::make($data['password'])
]);
$token = $user->createToken('api-token')->plainTextToken;
return response()->json(['token' => $token], 201);
}
public function login(Request $request)
{
$data = $request->validate([
'email' => 'required|email',
'password' => 'required'
]);
$user = User::where('email', $data['email'])->first();
if (! $user || ! Hash::check($data['password'], $user->password)) {
return response()->json(['message' => 'Email atau password salah'], 401);
}
$token = $user->createToken('api-token')->plainTextToken;
return response()->json(['token' => $token]);
}
public function logout(Request $request)
{
$request->user()->currentAccessToken()->delete();
return response()->json(['message' => 'Berhasil logout']);
}
}Tambahkan route-nya ke routes/api.php:
use App\\Http\\Controllers\\API\\AuthController;
Route::post('/register', [AuthController::class, 'register']);
Route::post('/login', [AuthController::class, 'login']);
Route::post('/logout', [AuthController::class, 'logout'])->middleware('auth:sanctum');6. Buat Model & Migrasi Post
php artisan make:model Post -mEdit file migration di database/migrations/..._create_posts_table.php:
Schema::create('posts', function (Blueprint $table) {
$table->id();
$table->foreignId('user_id')->constrained()->onDelete('cascade');
$table->string('title');
$table->text('content');
$table->timestamps();
});Lalu jalankan migrasi:
php artisan migrate7. Buat Relasi di Model
Di User.php:
public function posts()
{
return $this->hasMany(Post::class);
}Di Post.php:
public function user()
{
return $this->belongsTo(User::class);
}8. Buat Controller untuk Post
php artisan make:controller API/PostController --apiIsi PostController.php:
use App\\Models\\Post;
use Illuminate\\Http\\Request;
class PostController extends Controller
{
public function index()
{
return Post::with('user')->get();
}
public function store(Request $request)
{
$data = $request->validate([
'title' => 'required',
'content' => 'required',
]);
$post = $request->user()->posts()->create($data);
return response()->json($post, 201);
}
public function show(Post $post)
{
return $post;
}
public function update(Request $request, Post $post)
{
$this->authorize('update', $post);
$data = $request->validate([
'title' => 'string',
'content' => 'string',
]);
$post->update($data);
return response()->json($post);
}
public function destroy(Post $post)
{
$this->authorize('delete', $post);
$post->delete();
return response()->json(['message' => 'Post deleted']);
}
}9. Daftarkan Route API
use App\\Http\\Controllers\\API\\PostController;
Route::middleware('auth:sanctum')->group(function () {
Route::apiResource('posts', PostController::class);
});10. Coba API-nya!
Gunakan Postman atau REST Client untuk menguji API:
POST /api/register→ untuk registrasiPOST /api/login→ dapatkan tokenAuthorization: Bearer <token>→ untuk request CRUDGET /api/posts,POST /api/posts, dst
Kesimpulan
Kamu sekarang sudah punya RESTful API yang aman dan siap dipakai! Laravel Sanctum memberikan cara yang ringan dan mudah untuk mengelola autentikasi API, dan kamu sudah tahu bagaimana membuat operasi CRUD lengkap mulai dari login hingga delete.
Langkah selanjutnya? Bisa lanjut ke fitur pagination, validasi yang lebih kompleks, atau testing otomatis. Semangat belajar dan eksplorasi Laravel lebih dalam!
